Introduction
GitHub Advanced Security (GHAS) plays a crucial role in enhancing the security posture of software development projects on GitHub. It provides a comprehensive set of tools and features designed to identify and address security vulnerabilities throughout the development lifecycle.
GHAS is primarily used by organizations running on GitHub Enterprise Cloud, offering enterprise-grade security features such as code scanning, secret scanning, and automated dependency management. Some of these capabilities help security and DevOps teams protect sensitive code, manage risk at scale, and meet compliance requirements across complex environments.
Note
These features are now available under separate SKUs—GitHub Secret Protection and GitHub Code Security—allowing teams to license only the components they need.
By integrating security directly into the development process with GHAS, your team can build more secure and reliable software.
In this module, we’ll be going over the basics of GHAS.
Learning objectives
This module will help you become familiar with GitHub's Advanced Security features and best practices. At the end of the module, you'll be able to:
- Define GHAS and the importance of the integral features such as Secret scanning, Code scanning, and Dependabot
- Explore how to utilize GHAS to maximize security impact
- Understand GHAS and its role in the security ecosystem
Prerequisites
- Familiarity with GitHub, repositories, and the basics of managing individual accounts is required
- Familiarity with personal and organizational authentication technologies and processes would be helpful